3776 matches found
CVE-2026-31506 net: bcmasp: fix double free of WoL irq
In the Linux kernel, the following vulnerability has been resolved: net: bcmasp: fix double free of WoL irq We do not need to free wolirq since it was instantiated with devmrequestirq. So devres will free for us...
CVE-2026-31506
The CVE-2026-31506 issue concerns the Linux kernel bcmasp component where the Wake-on-LAN (WoL) IRQ handler could be double-freed. The problem stems from handling of the WoL irq; the patch indicates wol_irq does not need explicit freeing because it is allocated with devm_request_irq, and devres h...
CVE-2026-31506 net: bcmasp: fix double free of WoL irq
In the Linux kernel, the following vulnerability has been resolved: net: bcmasp: fix double free of WoL irq We do not need to free wolirq since it was instantiated with devmrequestirq. So devres will free for us...
PT-2026-34337
My last CVE-2026-31077 of China PTZ camera lead to RCE + RTSP video stream over LAN network. The camera uses the app named “CareCamPro” with +1m downloads on Play Store https://t.co/S0T5XS8udh...
Linux Distros Unpatched Vulnerability : CVE-2026-31506
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: bcmasp: fix double free of WoL irq We do not need to free wolirq since it was instantiated with devmrequestirq. So devres will free for us. CVE-2026-31506...
PT-2026-34411
In the Linux kernel, the following vulnerability has been resolved: net: bcmasp: fix double free of WoL irq We do not need to free wol irq since it was instantiated with devm request irq. So devres will free for us...
Unity Linux 20.1070e Security Update: freerdp (UTSA-2026-006941)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006941 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP. In versions prior to 2.7.0, NT LAN Manager NTLM authentication does not properly abort when...
(0Day) Microsoft Office URI Handler NTLM Response Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose NTLM responses on affected installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013013)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013013 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Fix metadatadst leak bpfredirectneighv4,6 Cilium has a BPF egress gateway feature which forc...
EUVD-2026-22991
Git for Windows is the Windows port of Git. Versions prior to 2.53.0.windows.3 do not have protections that prevent attackers from obtaining a user's NTLM hash. The NTLM hash can be obtained by tricking users into cloning a malicious repository, or checking out a malicious branch, that accesses a...
CVE-2026-5995
The CVE affects Totolink A7100RU (firmware 7.4cu.2313_b20191024). The vulnerable component is /cgi-bin/cstecgi.cgi, function setMiniuiHomeInfoShow, where manipulating the lan_info argument enables OS command injection. Impact is described as high for confidentiality, integrity, and availability, ...
CVE-2026-5995
A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. Impacted is the function setMiniuiHomeInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument laninfo can lead to os command injection. The attack may be performed from...
CVE-2026-5995 Totolink A7100RU CGI cstecgi.cgi setMiniuiHomeInfoShow os command injection
A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. Impacted is the function setMiniuiHomeInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument laninfo can lead to os command injection. The attack may be performed from...
PT-2026-31835
Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A weakness exists in the Totolink A7100RU version 7.4cu.2313 b20191024. The setMiniuiHomeInfoShow function within the /cgi-bin/cstecgi.cgi file of the CGI Handler component is affected...
TOTOLINK A7100RU 操作系统命令注入漏洞
The TOTOLINK A7100RU is a wireless router produced by TOTOLINK, a Chinese company. The Totolink A7100RU 7.4cu.2313b20191024 version contains an operating system command injection vulnerability. This vulnerability stems from the lack of proper validation in the handling of the laninfo parameter in...
CVE-2026-33781
An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on specific EX and QFX Series devices allow an unauthenticated, adjacent attacker to cause a complete Denial of Service DoS. On EX4k, and QFX5k platforms configur...
CVE-2026-33781
An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on specific EX and QFX Series devices allow an unauthenticated, adjacent attacker to cause a complete Denial of Service DoS. On EX4k, and QFX5k platforms configur...
CVE-2026-33781
Junos OS on EX Series and QFX Series is affected by CVE-2026-33781. In VXLAN scenarios, when L2PT is enabled on the UNI and VSTP on the NNI, receiving VSTP BPDUs on UNI can trigger a memory leak in the packet forwarding engine (pfe) and packet buffer allocation failures, causing the device to sto...
CVE-2026-5853 Totolink A7100RU CGI cstecgi.cgi setIpv6LanCfg os command injection
A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Affected by this vulnerability is the function setIpv6LanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument addrPrefixLen leads to os command injection. The attack...
CVE-2026-5608
A vulnerability was detected in Belkin F9K1122 1.00.33. Affected is the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of the argument webpage results in stack-based buffer overflow. The attack may be performed from remote. The exploit is now public and may be used. Th...